Exploração pública
Catálogo de exploits
Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.
71.114exploits catalogados
31.649CVEs com exploração pública
0testados em laboratório
TodosExploit-DB 22.469Referência 19.810GitHub PoC 13.116VulnCheck XDB 8.069Nuclei 4.188Metasploit 3.462✓ só verificadosrecentespopularesrisco
19.791 exploits
Referência
CVE-2021-35064
KramerAV VIAWare, all tested versions, allow privilege escalation through misconfiguration of sudo. Sudoers permits runn
60RISCO
abrir ↗Referência
CVE-2012-6588
SQL injection vulnerability in links.php in MYRE Business Directory allows remote attackers to execute arbitrary SQL com
23RISCO
abrir ↗Referência
CVE-2018-18323
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has Local File Inclusion via directory traversal with an admin/
60RISCO
abrir ↗Referência
OpenSSL 0.9.8c-1 < 0.9.8g-9 (Debian and Derivatives) - Predictable PRNG Brute Force SSH
OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random number generator that ge
45RISCO
abrir ↗Referência
OpenSSL 0.9.8c-1 < 0.9.8g-9 (Debian and Derivatives) - Predictable PRNG Brute Force SSH
OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random number generator that ge
45RISCO
abrir ↗Referência
OpenSSL 0.9.8c-1 < 0.9.8g-9 (Debian and Derivatives) - Predictable PRNG Brute Force SSH (Ruby)
OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random number generator that ge
45RISCO
abrir ↗Referência
dagger Web engine 23jan2007 - Remote File Inclusion
PHP remote file inclusion vulnerability in cal.func.php in Valerio Capello Dagger - The Cutting Edge r23jan2007 allows r
45RISCO
abrir ↗Referência
CVE-2013-6117
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive informatio
60RISCO
abrir ↗Referência
CVE-2013-6117
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive informatio
60RISCO
abrir ↗Referência
LaVague 0.3 - 'printbar.php?views_path' Remote File Inclusion
PHP remote file inclusion vulnerability in views/print/printbar.php in LaVague 0.3 and earlier allows remote attackers t
45RISCO
abrir ↗Referência
CVE-2014-8686
CodeIgniter before 2.2.0 makes it easier for attackers to decode session cookies by leveraging fallback to a custom XOR-
50RISCO
abrir ↗Referência
CVE-2017-6736
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabiliti
93RISCO
abrir ↗Referência
CVE-2021-21220
Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to po
100RISCO
abrir ↗Referência
CVE-2021-21220
Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to po
100RISCO
abrir ↗Referência
CVE-2022-28810
Zoho ManageEngine ADSelfService Plus before build 6122 allows a remote authenticated administrator to execute arbitrary
100RISCO
abrir ↗Referência
CVE-2016-7288
The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (m
45RISCO
abrir ↗Referência
FileZilla FTP Server 0.9.21 - 'LIST/NLST' Denial of Service
FileZilla Server before 0.9.22 allows remote attackers to cause a denial of service (crash) via a wildcard argument to t
60RISCO
abrir ↗Referência
CVE-2017-8634
Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current u
45RISCO
abrir ↗Referência
CVE-2012-4869
The callme_startcall function in recordings/misc/callme_page.php in FreePBX 2.9, 2.10, and earlier allows remote attacke
60RISCO
abrir ↗Referência
CVE-2012-4869
The callme_startcall function in recordings/misc/callme_page.php in FreePBX 2.9, 2.10, and earlier allows remote attacke
60RISCO
abrir ↗Referência
CVE-2012-4869
The callme_startcall function in recordings/misc/callme_page.php in FreePBX 2.9, 2.10, and earlier allows remote attacke
60RISCO
abrir ↗Referência
CVE-2021-2109
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions
63RISCO
abrir ↗Referência
CVE-2015-4495
The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote
100RISCO
abrir ↗Referência
ASUS DPC Proxy 2.0.0.16/19 - Remote Buffer Overflow
Stack-based buffer overflow in the DPC Proxy server (DpcProxy.exe) in ASUS Remote Console (aka ARC or ASMB3) 2.0.0.19 an
60RISCO
abrir ↗Referência
ZeroShell 1.0beta11 - Remote Code Execution
cgi-bin/kerbynet in ZeroShell 1.0beta11 and earlier allows remote attackers to execute arbitrary commands via shell meta
60RISCO
abrir ↗Referência
CVE-2021-45010
A path traversal vulnerability in the file upload functionality in tinyfilemanager.php in Tiny File Manager before 2.4.7
45RISCO
abrir ↗Referência
Novell eDirectory < 8.7.3 SP 10 / 8.8.2 - HTTP headers Denial of Service
dhost.exe in Novell eDirectory 8.7.3 before sp10 and 8.8.2 allows remote attackers to cause a denial of service (CPU con
45RISCO
abrir ↗Referência
CVE-2018-8453
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in
98RISCO
abrir ↗Referência
CVE-2018-8291
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft brow
45RISCO
abrir ↗Referência
CVE-2018-8288
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft brow
45RISCO
abrir ↗Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.